nanog mailing list archives
Re: RBL-type BGP service for known rogue networks?
From: Shawn McMahon <smcmahon () eiv com>
Date: Fri, 7 Jul 2000 12:18:15 -0400
On Fri, Jul 07, 2000 at 09:43:07AM -0500, John Kristoff wrote:
This form of "shunning" seems like an appropriate approach, but a little scary. What sorts of mechanisms will prevent temporary black holes and DoS attacks to get an otherwise cooperative organization black holed?
There are at least two (probably more) schools of thought on that. The ORBS approach: Put people on the list quickly, and make it easy for them to get back off the list. The MAPS approach: Make it damn hard to get on the list. So, for instance, in the first approach, any smidgin of proof that somebody should be on the list is enough to get them on there, but any smidgin of counter-proof gets them back off. In the second approach, you need multiple credible reports from independant sources with documentation of the problem, and of your unwillingness to fix it, before you can get on the list. The Usenet Death Penalty is similar to the latter, in that you have to be a widely-known flagrant abuser, and publicly fail to respond to a lot of requests to fix the problem, before you get UDPed. Getting back off is pretty public at that point. All three of these services rely upon the notion that although you have a right to create whatever traffic you like, you don't have the right to inject any of it into my network except on my terms. After that, it's a matter of who likes what particular terms.
Attachment:
_bin
Description:
Current thread:
- Re: RBL-type BGP service for known rogue networks?, (continued)
- Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 06)
- Re: RBL-type BGP service for known rogue networks? Valdis . Kletnieks (Jul 06)
- RE: RBL-type BGP service for known rogue networks? Karyn Ulriksen (Jul 06)
- RE: RBL-type BGP service for known rogue networks? Joe Shaw (Jul 07)
- A possible anodyne (was Re: RBL-type BGP service for known rogue networks?). Roland Dobbins (Jul 07)
- RE: RBL-type BGP service for known rogue networks? Joe Shaw (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Richard A. Steenbergen (Jul 06)
- Re: RBL-type BGP service for known rogue networks? David Charlap (Jul 06)
- Re: RBL-type BGP service for known rogue networks? Sean Donelan (Jul 06)
- Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
- Re: RBL-type BGP service for known rogue networks? John Kristoff (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 07)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Randy Bush (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Greg A. Woods (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Stephen Stuart (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Stephen Stuart (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Dan Hollis (Jul 06)
- Re: RBL-type BGP service for known rogue networks? Steve Sobol (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Richard Irving (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 09)